Home grown spam outing via Block Alert

Andrew Smith writes…

I started to get annoyed at the amount of spam I was receiving. I started reading about different initiatives such as filtering, DNS based blocklists and ran across sites such as Spamhaus.

Since I’m a fairly technical person, I started to try to build my own spam filtering system. I focused on decoding inbound email messages to find out where they linked to. Almost all the spam I received contained links to web sites selling products or services.

By resolving domain names to IP addresses I started to notice that spammers would frequently move domain names to different IP address. Also, spammers would also host many domains on the same IP addresses. It became clear that such activity appeared to be clumped together within certain “regions”.

The next step was to determine who was responsible for the IP addresses that are either originating spam or that serve as destinations for spamvertising. This is where BlockAlert came from. Based on an analysis of inbound spam, the web site highlights who is responsible for hosting servers that are spamvertised. It also shows how much spam originated within IP blocks, but that is not the primary focus of the site. Other groups, or blocklists, already do a very good job of source identification.

So, I guess the intent is to make it publicly visible when ISP’s are spam or spamvertising friendly. In this way, consumers could choose not to associate with such ISP’s, which would in effect pressure them to behave in a more ethical manner.

You can check out Andrew’s work at BlockAlert. Andrew is looking for comments on its applicability to the larger spam fight at hand; meanwhile you can take a peek at some of the hosts for all those V1agra and m0rtage offers.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.